severe xslate bug when use xslate to process. (Kill the whole perl)
xinminglai opened this issue · comments
Hi, I think I meet a severe bug in xslate. This bug will make perl segmentation fault.
When use this within catalyst, It'll stop the catalyst serving request.
Please check, Thanks.
#!env perl
use strict;
use warnings;
use Text::Xslate;
my $base = <<'EOF';
: if 0 {
: my $var = [ ];
: }
: for ['default'] -> $t {
: }
: block content -> { }
Good
EOF
my $xslate1 = Text::Xslate->new(
path => {
'base.tx' => $base,
'page.tx' => q{: cascade "base.tx"},
},
warn_handler => sub { die @_ },
);
my $res1 = $xslate1->render('page.tx', { });
# Here, This print, It should print a string contains "Good". But it doesn't.
print $res1;
# And now, if we extract the base.tx and page.tx into separate files. We'll
# have more severe problem.
my $xslate2 = Text::Xslate->new(
path => ['.'],
warn_handler => sub { die @_ },
);
my $res2 = $xslate2->render('page.tx', { });
# Here, This pring, It should return the same result as above, But it terminiates.
print $res2;
Sorry too late reply. sv_mortalcopy(NULL)
causes segmentation fault with your test. I confirmed your issue is fixed by following patch and all tests are passed.
diff --git a/src/Text-Xslate.xs b/src/Text-Xslate.xs
index f1e60af..2d30e53 100644
--- a/src/Text-Xslate.xs
+++ b/src/Text-Xslate.xs
@@ -874,9 +874,13 @@ tx_macro_enter(pTHX_ tx_state_t* const txst, AV* const macro, tx_pc_t const reta
for(NOOP; i < outer; i++) {
IV const real_ix = i + TXframe_START_LVAR;
/* XXX: macros can refer to unallocated lvars */
- SV* const sv = AvFILLp(oframe) >= real_ix
- ? sv_mortalcopy(AvARRAY(oframe)[real_ix])
- : &PL_sv_undef;
+ SV* sv;
+ SV* v = AvARRAY(oframe)[real_ix];
+ if (AvFILLp(oframe) >= real_ix && v) {
+ sv = sv_mortalcopy(v);
+ } else {
+ sv = &PL_sv_undef;
+ }
av_store(cframe, real_ix , sv);
SvREFCNT_inc_simple_void_NN(sv);
}
I have fixed segmentation fault issue at #159. Please check latest version. If you have no problems, then I release new version to CPAN.
Hi,
We recently encountered this bug, and I can confirm that this patch fixes it. Thanks.
New version is released.